Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3230332e3131392e35322e302f32322d3234203d3e2034363232.roa
File:                     3230332e3131392e35322e302f32322d3234203d3e2034363232.roa (raw, json)
Hash identifier:          sPrSVsgXjJnnSjgcjSSz5s6ayA+lhV1OSgYmiqQE2xA=
Subject key identifier:   17:4C:A2:21:E0:E0:22:E5:89:F0:7D:DD:66:B2:95:BA:05:F0:36:B0
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       39E5A8DCCA1207D91C0BC9D2830EDC7E09418902
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230332e3131392e35322e302f32322d3234203d3e2034363232.roa
Signing time:             Wed 24 Nov 2021 15:00:01 +0000
ROA not before:           Wed 24 Nov 2021 14:55:01 +0000
ROA not after:            Thu 24 Nov 2022 15:00:01 +0000
asID:                     4622
IP address blocks:        203.119.52.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:e5:a8:dc:ca:12:07:d9:1c:0b:c9:d2:83:0e:dc:7e:09:41:89:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Nov 24 14:55:01 2021 GMT
            Not After : Nov 24 15:00:01 2022 GMT
        Subject: CN=3082010A0282010100CB0837946F77CEA05CD0167A74E18CE35F5545AD21C04546147C16DA4E02E3DC57B60CDA4AEEE6E3FC794D1E8283AB661C6AA1874FBBFAE6761ECBC808193D682F328A6D24AA746822E7CE6B3B576524C48AC608224A50CDA0FC8B9286DFE7B659A1829089206AD9ADC262024FD045391AC7242000E3FF11940F3AC521B5FB5872DFEC9270CA8AD076EAB10ACAB876004A713D7FA1717818EFBB2C3D97D5A4C8AF05929C320FE8F5BAA1D8D03A94AC8C850E37934FE11A91F43B70CD3384375AA288349DC548B3BC01E0BF8EBA9D8D4413538287530383FB0D5D639591282F2BA70DE4B36ED6899A4561055082EF71448526897B87D95F87E66C53AD0CBE8F9F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:08:37:94:6f:77:ce:a0:5c:d0:16:7a:74:e1:
                    8c:e3:5f:55:45:ad:21:c0:45:46:14:7c:16:da:4e:
                    02:e3:dc:57:b6:0c:da:4a:ee:e6:e3:fc:79:4d:1e:
                    82:83:ab:66:1c:6a:a1:87:4f:bb:fa:e6:76:1e:cb:
                    c8:08:19:3d:68:2f:32:8a:6d:24:aa:74:68:22:e7:
                    ce:6b:3b:57:65:24:c4:8a:c6:08:22:4a:50:cd:a0:
                    fc:8b:92:86:df:e7:b6:59:a1:82:90:89:20:6a:d9:
                    ad:c2:62:02:4f:d0:45:39:1a:c7:24:20:00:e3:ff:
                    11:94:0f:3a:c5:21:b5:fb:58:72:df:ec:92:70:ca:
                    8a:d0:76:ea:b1:0a:ca:b8:76:00:4a:71:3d:7f:a1:
                    71:78:18:ef:bb:2c:3d:97:d5:a4:c8:af:05:92:9c:
                    32:0f:e8:f5:ba:a1:d8:d0:3a:94:ac:8c:85:0e:37:
                    93:4f:e1:1a:91:f4:3b:70:cd:33:84:37:5a:a2:88:
                    34:9d:c5:48:b3:bc:01:e0:bf:8e:ba:9d:8d:44:13:
                    53:82:87:53:03:83:fb:0d:5d:63:95:91:28:2f:2b:
                    a7:0d:e4:b3:6e:d6:89:9a:45:61:05:50:82:ef:71:
                    44:85:26:89:7b:87:d9:5f:87:e6:6c:53:ad:0c:be:
                    8f:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:4C:A2:21:E0:E0:22:E5:89:F0:7D:DD:66:B2:95:BA:05:F0:36:B0
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230332e3131392e35322e302f32322d3234203d3e2034363232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.119.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4e:45:8a:a5:d1:66:f0:41:14:b2:8f:f8:81:dc:56:36:06:e1:
         db:ed:4e:de:6f:00:bb:f4:38:73:ee:3c:67:f6:ec:c9:42:e9:
         72:83:51:9f:b4:99:92:76:c7:02:3f:a5:11:5b:55:db:ec:84:
         c0:3a:28:83:b1:a4:c0:0b:46:1c:fe:1c:d4:4c:99:f0:ff:cc:
         ac:5f:b9:74:2c:45:fe:e9:41:56:f1:84:53:71:2e:d5:11:12:
         20:55:14:c7:67:a0:2d:fc:0b:11:67:2f:02:19:2e:ef:83:6c:
         cb:b0:15:76:7b:cd:30:29:18:46:da:55:b0:a6:6d:fc:09:fb:
         14:44:0c:d0:db:2e:fc:f6:34:0c:a7:8d:b3:0f:01:63:9f:bb:
         85:ac:52:e7:f2:f3:5d:cf:db:be:0e:c9:07:db:d7:09:9e:93:
         d8:08:c7:9e:bf:7a:2b:3a:77:fb:77:27:59:d3:13:eb:b0:61:
         b9:d9:84:3f:6f:c8:2a:85:19:af:f5:65:0c:31:e3:cb:01:a2:
         f6:6d:ed:ed:0a:ee:e5:ff:02:d2:a4:01:27:d0:6a:74:ba:50:
         cf:06:fd:e9:33:a0:3f:5d:40:b7:59:e3:10:20:ab:33:40:a4:
         ec:eb:dd:81:cd:ef:2e:71:5c:33:8e:31:f5:d7:b7:d2:e6:a5:
         d2:55:3a:4d
-----BEGIN CERTIFICATE-----
MIIHBjCCBe6gAwIBAgIUOeWo3MoSB9kcC8nSgw7cfglBiQIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMTEyNDE0NTUwMVoX
DTIyMTEyNDE1MDAwMVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBDQjA4Mzc5NDZGNzdDRUEwNUNEMDE2N0E3NEUxOENFMzVGNTU0NUFEMjFD
MDQ1NDYxNDdDMTZEQTRFMDJFM0RDNTdCNjBDREE0QUVFRTZFM0ZDNzk0RDFFODI4
M0FCNjYxQzZBQTE4NzRGQkJGQUU2NzYxRUNCQzgwODE5M0Q2ODJGMzI4QTZEMjRB
QTc0NjgyMkU3Q0U2QjNCNTc2NTI0QzQ4QUM2MDgyMjRBNTBDREEwRkM4QjkyODZE
RkU3QjY1OUExODI5MDg5MjA2QUQ5QURDMjYyMDI0RkQwNDUzOTFBQzcyNDIwMDBF
M0ZGMTE5NDBGM0FDNTIxQjVGQjU4NzJERkVDOTI3MENBOEFEMDc2RUFCMTBBQ0FC
ODc2MDA0QTcxM0Q3RkExNzE3ODE4RUZCQjJDM0Q5N0Q1QTRDOEFGMDU5MjlDMzIw
RkU4RjVCQUExRDhEMDNBOTRBQzhDODUwRTM3OTM0RkUxMUE5MUY0M0I3MENEMzM4
NDM3NUFBMjg4MzQ5REM1NDhCM0JDMDFFMEJGOEVCQTlEOEQ0NDEzNTM4Mjg3NTMw
MzgzRkIwRDVENjM5NTkxMjgyRjJCQTcwREU0QjM2RUQ2ODk5QTQ1NjEwNTUwODJF
RjcxNDQ4NTI2ODk3Qjg3RDk1Rjg3RTY2QzUzQUQwQ0JFOEY5RjAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLCDeUb3fOoFzQFnp04Yzj
X1VFrSHARUYUfBbaTgLj3Fe2DNpK7ubj/HlNHoKDq2YcaqGHT7v65nYey8gIGT1o
LzKKbSSqdGgi585rO1dlJMSKxggiSlDNoPyLkobf57ZZoYKQiSBq2a3CYgJP0EU5
GsckIADj/xGUDzrFIbX7WHLf7JJwyorQduqxCsq4dgBKcT1/oXF4GO+7LD2X1aTI
rwWSnDIP6PW6odjQOpSsjIUON5NP4RqR9DtwzTOEN1qiiDSdxUizvAHgv466nY1E
E1OCh1MDg/sNXWOVkSgvK6cN5LNu1omaRWEFUILvcUSFJol7h9lfh+ZsU60Mvo+f
AgMBAAGjggH9MIIB+TAdBgNVHQ4EFgQUF0yiIeDgIuWJ8H3dZrKVugXwNrAwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBgAYIKwYB
BQUHAQsEdDByMHAGCCsGAQUFBzALhmRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzAzMzJlMzEzMTM5MmUzNTMyMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzQzNjMyMzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALLdzQwDQYJKoZIhvcN
AQELBQADggEBAE5FiqXRZvBBFLKP+IHcVjYG4dvtTt5vALv0OHPuPGf27MlC6XKD
UZ+0mZJ2xwI/pRFbVdvshMA6KIOxpMALRhz+HNRMmfD/zKxfuXQsRf7pQVbxhFNx
LtUREiBVFMdnoC38CxFnLwIZLu+DbMuwFXZ7zTApGEbaVbCmbfwJ+xREDNDbLvz2
NAynjbMPAWOfu4WsUufy813P274OyQfb1wmek9gIx56/eis6d/t3J1nTE+uwYbnZ
hD9vyCqFGa/1ZQwx48sBovZt7e0K7uX/AtKkASfQanS6UM8G/ekzoD9dQLdZ4xAg
qzNApOzr3YHN7y5xXDOOMfXXt9LmpdJVOk0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-ams.rpki-client.org